Open Source Case

There are nine security vulnerabilities affecting open source projects such as EspoCRM, Pimcore and Akaunting. The bug can enable an authenticated adversary to execute arbitrary JavaScript code that can launch attacks via a specially crafted HTTP request and can change the company associated with the user account. Forgot your password? The bug can also send out phishing emails from the app to the registered user containing a malicious link; when it is clicked, the bug can change your password.

 

Best,

Bingo

 

 

References:

https://thehackernews.com/2021/07/several-bugs-found-in-3-open-source.html

https://thecybersecurity.news/general-cyber-security-news/several-bugs-found-in-3-open-source-software-used-by-several-businesses-11530/

https://milled.com/aranet-llc/new-post-several-bugs-found-in-3-open-source-software-used-by-several-businesses-L6oRfzcOnbpWwhQb